Lucene search
+L

191 matches found

Huawei
Huawei
added 2020/04/22 12:0 a.m.31 views

Security Advisory - Local Privilege Escalation Vulnerability in Huawei OSD Product

There is a local privilege escalation vulnerability in Huawei OSD product. An authenticated, local attacker can constructs a specific file path to exploit this vulnerability. Successful exploitation may cause the attacker to obtain a higher privilege. Vulnerability ID: HWPSIRT-2020-02153 This...

6.7CVSS6.6AI score0.00217EPSS
Exploits0Affected Software1
UbuntuCve
UbuntuCve
added 2020/01/27 5:15 a.m.28 views

CVE-2019-20431

In the Lustre file system before 2.12.3, the ptlrpc module has an osdmapremotetolocal out-of-bounds access and panic due to the lack of validation for specific fields of packets sent by a client. osdbufsget in the osdldiskfs module does not validate a certain length value...

7.8CVSS7AI score0.0192EPSS
Exploits1References5
Tenable Nessus
Tenable Nessus
added 2019/10/23 12:0 a.m.43 views

SUSE SLED15 / SLES15 Security Update : ceph, ceph-iscsi, ses-manual_en (SUSE-SU-2019:2736-1)

This update for ceph, ceph-iscsi and ses-manualen fixes the following issues : Security issues fixed : CVE-2019-10222: Fixed RGW crash caused by unauthenticated clients. bsc1145093 Non-security issues-fixed: ceph-volume: prints errors to stdout with --format json bsc1132767 mgr/dashboard: Changin...

7.5CVSS7.3AI score0.0461EPSS
Exploits0References25
OSV
OSV
added 2019/10/22 9:7 a.m.7 views

SUSE-SU-2019:2736-1 Security update for ceph, ceph-iscsi, ses-manual_en

This update for ceph, ceph-iscsi and ses-manualen fixes the following issues: Security issues fixed: - CVE-2019-10222: Fixed RGW crash caused by unauthenticated clients. bsc1145093 Non-security issues-fixed: - ceph-volume: prints errors to stdout with --format json bsc1132767 - mgr/dashboard:...

7.5CVSS7.7AI score0.0461EPSS
Exploits0References24
Tenable Nessus
Tenable Nessus
added 2019/08/12 12:0 a.m.37 views

SUSE SLED15 / SLES15 Security Update : ceph (SUSE-SU-2019:2049-1)

This update for ceph fixes the following issues : Security issues fixed : CVE-2019-3821: civetweb: fix file descriptor leak bsc1125080 CVE-2018-16889: rgw: sanitize customer encryption keys from log output in v4 auth bsc1121567 Non-security issues fixed: install grafana dashboards world readable...

7.5CVSS6.6AI score0.02946EPSS
Exploits1References19
OSV
OSV
added 2019/08/05 3:56 p.m.13 views

SUSE-SU-2019:2049-1 Security update for ceph

This update for ceph fixes the following issues: Security issues fixed: - CVE-2019-3821: civetweb: fix file descriptor leak bsc1125080 - CVE-2018-16889: rgw: sanitize customer encryption keys from log output in v4 auth bsc1121567 Non-security issues fixed: - install grafana dashboards world...

7.5CVSS6.6AI score0.02946EPSS
Exploits1References17
Tenable Nessus
Tenable Nessus
added 2019/04/29 12:0 a.m.62 views

openSUSE Security Update : ceph (openSUSE-2019-1284)

This update for ceph version 13.2.4 fixes the following issues : Security issues fixed : - CVE-2018-14662: Fixed an issue with LUKS 'config-key' safety bsc1111177 - CVE-2018-10861: Fixed an authorization bypass on OSD pool ops in ceph-mon bsc1099162 - CVE-2018-1128: Fixed signature check bypass i...

8.1CVSS6.3AI score0.03249EPSS
Exploits0References13
OPENSUSE Linux
OPENSUSE Linux
added 2019/04/27 12:0 a.m.112 views

Security update for ceph (moderate)

openSUSE Security Update: Security update for ceph Announcement ID: openSUSE-SU-2019:1284-1 Rating: moderate References: 1084645 1086613 1096748 1099162 1101262 1111177 1114567 1114710 Cross-References: CVE-2018-10861 CVE-2018-1128 CVE-2018-1129 CVE-2018-14662 CVE-2018-16846 Affected Products:...

8.1CVSS7.5AI score0.03249EPSS
Exploits0References8
OSV
OSV
added 2018/08/03 5:46 p.m.11 views

SUSE-SU-2018:2193-1 Security update for ceph

This update for ceph fixes the following issues: - Update to version 12.2.7-420-gc0ef85b854: https://ceph.com/releases/12-2-7-luminous-released/ luminous: osd: eternal stuck PG in 'unfoundrecovery' bsc1094932 bluestore: db.slow used when db is not full bsc1092874 CVE-2018-10861: Ensure that...

8.1CVSS7.3AI score0.03249EPSS
Exploits0References8
Tenable Nessus
Tenable Nessus
added 2018/07/30 12:0 a.m.22 views

openSUSE Security Update : cinnamon (openSUSE-2018-767)

This update for cinnamon fixes the following issues : Security issue fixed : - CVE-2018-13054: Fix symlink attack vulnerability boo1083067. Bug fixes : - Update to version 3.4.6 changes since 3.4.4 : - osdWindow.js: Always check the theme node on first showing - an actor's width isn't necessarily...

8.1CVSS7.4AI score0.02201EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2018/07/27 12:0 a.m.132 views

RHEL 7 : Red Hat Ceph Storage 2.5 (RHSA-2018:2261)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2018:2261 advisory. Red Hat Ceph Storage is a scalable, open, software-defined storage platform that combines the most stable version of the Ceph storage system...

8.1CVSS7AI score0.03249EPSS
Exploits0References26
RedHat Linux
RedHat Linux
added 2018/07/26 7:0 p.m.12 views

ceph: ceph-mon does not perform authorization on OSD pool ops

A flaw was found in the way ceph mon handles user requests. Any authenticated ceph user having read access to ceph can delete and corrupt snapshot images...

8.1CVSS5.7AI score0.03249EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2018/07/26 3:35 p.m.6 views

ceph: ceph-mon does not perform authorization on OSD pool ops

A flaw was found in the way ceph mon handles user requests. Any authenticated ceph user having read access to ceph can delete and corrupt snapshot images...

8.1CVSS5.7AI score0.03249EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2018/07/18 12:0 a.m.282 views

RHEL 7 : Red Hat Ceph Storage 3.0 (RHSA-2018:2177)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2018:2177 advisory. Red Hat Ceph Storage is a scalable, open, software-defined storage platform that combines the most stable version of the Ceph storage system...

8.1CVSS7AI score0.03249EPSS
Exploits0References29
OSV
OSV
added 2018/06/07 1:11 p.m.8 views

SUSE-SU-2018:1576-1 Security update for ceph

This update for ceph to 12.2.5-407-g5e7ea8cf03 fixes the following issues: Security issue fixed: - CVE-2018-7262: The rgwcivetweb.cc RGWCivetWeb::initenv function in radosgw doesn't handle malformed HTTP headers properly, allowing for denial of service. rgw: make init env methods return an error...

7.5CVSS7.7AI score0.0297EPSS
Exploits0References12
OSV
OSV
added 2018/06/07 1:10 p.m.7 views

SUSE-SU-2018:1417-1 Security update for ceph

This update for ceph fixes the following issues: Security issues fixed: - CVE-2018-7262: rgw: malformed http headers can crash rgw bsc1081379. - CVE-2017-16818: User reachable asserts allow for DoS bsc1063014. Bug fixes: - bsc1061461: OSDs keep generating coredumps after adding new OSD node to...

7.5CVSS7.3AI score0.0297EPSS
Exploits0References26
OSV
OSV
added 2017/03/20 3:22 p.m.5 views

SUSE-SU-2017:0758-1 Security update for ceph

This update provides Ceph 10.2.5, which brings fixes and enhancements: This security issue was fixed: - CVE-2016-8626: Handle empty POST condition to not allow attackers to crash the ceph-radosgw service. bsc1007217 These non-security issues were fixed: - OSD daemon uses 100% CPU load after OSD...

6.8CVSS6.5AI score0.0231EPSS
Exploits0References9
Tenable Nessus
Tenable Nessus
added 2017/03/17 12:0 a.m.74 views

RHEL 7 : ansible (RHSA-2017:0515)

An update for ansible and ceph-ansible is now available for Red Hat Storage Console 2. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...

9.3CVSS8AI score0.1765EPSS
Exploits5References4
Tenable Nessus
Tenable Nessus
added 2017/02/03 12:0 a.m.50 views

SUSE SLED12 / SLES12 Security Update : ceph (SUSE-SU-2017:0367-1)

This update for ceph fixes the following issues : - CVE-2016-5009: moncommand with empty prefix could crash monitor bsc987144 - Invalid commandd in SOC7 with ceph bsc1008894 - Performance fix was missing in SES4 bsc1005179 - ceph build problems on ppc64le bsc982141 - ceph make build unit test...

6.5CVSS6.1AI score0.0248EPSS
Exploits0References14
Tenable Nessus
Tenable Nessus
added 2016/12/21 12:0 a.m.26 views

openSUSE Security Update : ceph (openSUSE-2016-1500)

ceph was updated to version 10.2.4 and fixes the following issues : - A moncommand with empty prefix could crash the monitor boo987144, CVE-2016-5009 - Detect crc32 extension support from assembler on AArch64 boo999688 - Failing file operations on kernel based cephfs mount point could leave...

6.5CVSS6.1AI score0.0248EPSS
Exploits0References12
Rows per page
Query Builder